[This blog is part of a series on the pandemic. The introduction to the series can be found here.]
Introduction
Two types of data enjoy freedom of movement within cyberspace networks: public data and personal data. On the one hand, at the international level, public data have been subjected to a policy of openness and spontaneous dissemination, mainly since the adoption of the G8 Open Data Charter in 2013 and the International Open Data Charter in 2015. On the other hand, personal data are generally governed by fundamental rights, namely the protection of privacy and personal data (Article 7 and 8 EU Charter of Fundamental Rights, EU-Charter). Public data are not unrelated to the guarantee of fundamental rights, especially if they are private (Lanna, 2018). Accordingly, the collection, processing and re-use of data by public or private actors is regulated by law. (more…)
Approximately a third of public sector spending goes to procure third-party goods, services, and works. Procurement rules and policies seek to ensure that contract awards are free from corruption, conflicts of interest or anticompetitive practices, and that these vast sums of public funds generate value for money and support social, environmental, and innovative practices. There is always room for improvement, though. The adoption of digital technologies is seen as a strategic catalyst for procurement reform, to increase the effectiveness of procurement regulation. Digitalisation could reduce the administrative burden through automation, generate data insights to inform policies and boost efficiency in public spending, and serve as a living lab for GovTech experimentation.
However, the transformative potential presumed in digital technologies generates hype and excessive expectations on the true size and nature of the achievable improvements. It also tends to overshadow the required groundwork and preparatory investment. New digital governance risks and requirements are not always recognised or understood. The growing public sector digital capability gap raises further obstacles. Heightened expectations and a minimisation of the challenges can get on the way of successful reform. In ongoing research funded by the British Academy, I apply an innovative technology-centred methodology to assess the governance opportunities and challenges for procurement digitalisation. This blog post provides a summary of the main findings so far. I will also be discussing them with a stellar panel on 15 December 2022 (details and registration). (more…)
By Dr Asma Vranaki, Lecturer in Law (University of Bristol Law School).
European data protection authorities (EU DPAs) play crucial roles in protecting personal data rights. However, many EU DPAs do not have adequate access to resources in order to be effective data privacy protectors. Although the data privacy law literature recognizes that many EU DPAs operate within such constraints, to date, there has been a dearth of empirical studies on how limited resources can impact on enforcement. A new article* makes a modest attempt to address this empirical gap by analysing selected empirical findings of a recent project which examined the investigations of multinational cloud providers by EU DPAs (Cloud Investigations).
This article draws on the fields of socio-legal studies and regulation to interpret these empirical findings and advances three arguments. First, due to their fiscal constraints, some EU DPAs often have to make tactical enforcement decisions about initiating Cloud Investigations as well as the foci and methods of Cloud Investigations. The decision-making process can be very complex for some EU DPAs as they have to not only consider but also at times balance a broad range of factors including external pressures, law and enforcement styles. Second, hybrid forms of data governance can often emerge during Cloud Investigations as EU DPAs delegate their regulatory tasks to private and governmental (other than EU DPAs) actors due to the limited resources. Finally, this article suggests that hybrid data governance needs to be carefully designed in order to ensure effective and robust data governance. Suggestions are made on how the ‘regulatory space’ can be designed in order to promote accountability, trust, robust data protection and effective multi-actor collaboration.